Hi Rob, list, dhcp client had a segfault, when DHCP message contained 'pad' option.
The parsing logic kept checking for other options beyond __pad__ option, without checking if it was __end__ option after that or not. --- a/toys/pending/dhcp.c 2014-05-14 06:15:01.000000000 +0530 +++ b/toys/pending/dhcp.c 2014-05-21 14:11:22.396020084 +0530 @@ -1101,7 +1101,10 @@ } while (*optptr != DHCP_OPTION_END) { - while (*optptr == DHCP_OPTION_PADDING) optptr++; + if (*optptr == DHCP_OPTION_PADDING) { + optptr++; + continue; + } if (*optptr == DHCP_OPTION_OVERLOAD) { overloaded = optptr[2]; optptr += optptr[1] + 2; Please apply the attched fix patch to dhcp.c regards, Ashwini
dhcp.c.patch
Description: Binary data
_______________________________________________ Toybox mailing list Toybox@lists.landley.net http://lists.landley.net/listinfo.cgi/toybox-landley.net